Security Audit
Broken Authentication Testing
github.com/sickn33/antigravity-awesome-skillsPartial VerificationCommit 9f5351e844df
40
CRITICAL0
Critical
Immediate action required
4
High
Priority fixes suggested
0
Medium
Best practices review
0
Low
Acknowledged / Tracked
Trust Assessment
This report is partially verified. Deterministic layers ran, but LLM behavioral analysis (L4) was not executed for this scan.
The current score of 40/100 is provisional and may change after a full L4 verification run.
Last analyzed on February 20, 2026 (commit 9f5351e8). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Manifest Analysis
100%Static Code Analysis
40%Dependency Graph
100%LLM Behavioral SafetyNot run
—Security Findings4
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Hardcoded Bearer Token detected A hardcoded Bearer Token was found. Secrets should be stored in environment variables or a secret manager. Replace the hardcoded secret with an environment variable reference. | Static | skills/broken-authentication/SKILL.md:425 | |
| HIGH | Hardcoded Bearer Token detected A hardcoded Bearer Token was found. Secrets should be stored in environment variables or a secret manager. Replace the hardcoded secret with an environment variable reference. | Static | skills/broken-authentication/SKILL.md:437 | |
| HIGH | Hardcoded Bearer Token detected A hardcoded Bearer Token was found. Secrets should be stored in environment variables or a secret manager. Replace the hardcoded secret with an environment variable reference. | Static | skills/broken-authentication/SKILL.md:432 | |
| HIGH | Hardcoded Bearer Token detected A hardcoded Bearer Token was found. Secrets should be stored in environment variables or a secret manager. Replace the hardcoded secret with an environment variable reference. | Static | skills/broken-authentication/SKILL.md:444 |